Se connecter / S'enregistrer
Votre question

[Résolu] Infection par TR/Crypt.XPACK.Gen

Tags :
  • Scan
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Novembre 2009 17:16:31

Bonjour, je viens de faire un scan complet et j'ai découvert 3 cheval de troie, seul solution les mettre en quarantaine..

Pouvez vous m'aidez a les supprimé ?

Voici le rapport =>

Merci pour ceux qui voudront bien m'aider ;) 


Spoiler
Avira AntiVir Personal
Report file date: lundi 9 novembre 2009 15:58

Scanning for 1871913 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ASSMANN-2090BC3

Version information:
BUILD.DAT : 9.0.0.410 18074 Bytes 25/09/2009 11:56:00
AVSCAN.EXE : 9.0.3.7 466689 Bytes 21/07/2009 13:36:14
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27/02/2009 10:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20/02/2009 11:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27/02/2009 10:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 13:50:58
ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24/06/2009 13:50:58
ANTIVIR2.VDF : 7.1.6.160 5413376 Bytes 28/10/2009 13:41:44
ANTIVIR3.VDF : 7.1.6.203 342528 Bytes 06/11/2009 15:31:15
Engineversion : 8.2.1.61
AEVDF.DLL : 8.1.1.2 106867 Bytes 15/09/2009 15:58:02
AESCRIPT.DLL : 8.1.2.44 586107 Bytes 07/11/2009 15:31:58
AESCN.DLL : 8.1.2.5 127346 Bytes 03/09/2009 15:24:42
AERDL.DLL : 8.1.3.2 479604 Bytes 02/10/2009 22:15:48
AEPACK.DLL : 8.2.0.3 422261 Bytes 05/11/2009 14:21:24
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 17/06/2009 14:32:46
AEHEUR.DLL : 8.1.0.180 2093432 Bytes 07/11/2009 15:31:52
AEHELP.DLL : 8.1.7.0 237940 Bytes 03/09/2009 15:24:42
AEGEN.DLL : 8.1.1.71 364916 Bytes 05/11/2009 14:21:22
AEEMU.DLL : 8.1.1.0 393587 Bytes 02/10/2009 22:15:48
AECORE.DLL : 8.1.8.2 184694 Bytes 05/11/2009 14:21:22
AEBB.DLL : 8.1.0.3 53618 Bytes 15/10/2008 10:49:34
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 08:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 07/11/2009 15:32:00
AVREP.DLL : 8.0.0.3 155905 Bytes 20/01/2009 14:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05/12/2008 10:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 24/03/2009 15:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30/01/2009 10:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28/01/2009 15:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02/02/2009 08:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05/12/2008 10:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15/05/2009 15:39:58
RCTEXT.DLL : 9.0.37.0 86785 Bytes 17/04/2009 10:19:48

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +JOKE,

Start of the scan: lundi 9 novembre 2009 15:58

Starting search for hidden objects.
'55894' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'NintendoWFCReg.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Scan process 'VTTrayp.exe' - '1' Module(s) have been scanned
Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
32 processes with 32 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
Master boot sector HD3
[INFO] No virus was found!
Master boot sector HD4
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '52' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\System Volume Information\_restore{79D8979D-6B01-48ED-B14F-F9216DAA4195}\RP324\A0070705.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\System Volume Information\_restore{79D8979D-6B01-48ED-B14F-F9216DAA4195}\RP335\A0075752.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\System Volume Information\_restore{79D8979D-6B01-48ED-B14F-F9216DAA4195}\RP340\A0077115.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan

Beginning disinfection:
C:\System Volume Information\_restore{79D8979D-6B01-48ED-B14F-F9216DAA4195}\RP324\A0070705.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4b283ed9.qua'!
C:\System Volume Information\_restore{79D8979D-6B01-48ED-B14F-F9216DAA4195}\RP335\A0075752.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4b283edd.qua'!
C:\System Volume Information\_restore{79D8979D-6B01-48ED-B14F-F9216DAA4195}\RP340\A0077115.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to '4b283ee6.qua'!


End of the scan: lundi 9 novembre 2009 17:09
Used time: 1:10:17 Hour(s)

The scan has been done completely.

5189 Scanned directories
253501 Files were scanned
3 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
3 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
253497 Files not concerned
1523 Archives were scanned
1 Warnings
4 Notes
55894 Objects were scanned with rootkit scan
0 Hidden objects were found

Autres pages sur : resolu infection crypt xpack gen

a c 296 8 Sécurité
9 Novembre 2009 17:18:03

Bonjour,

Sais-tu qu'AntiVir Personal existe en français ?

Les infections trouvées par AntiVir se trouvent uniquement dans C:\System Volume Information, il suffit de désactiver/réactiver la restauration système.
9 Novembre 2009 17:21:18

J'ai télécharger la version française mais impossible de terminé la maj, alors qu'avec la version anglaise, la maj se fini correctement =s

Je vais essayé de trouvé comment désactivé/réactiver la restauration système, merci ^^
Contenus similaires
9 Novembre 2009 17:26:10

Voila c'est fait, j'espère que sa m'a enlevé les virus, merci beaucoup
9 Novembre 2009 17:38:01

Ok je ferait un scan rapide avec, merci pour tout ;) 
a c 296 8 Sécurité
9 Novembre 2009 17:42:27

--> Si tu estimes que ton problème est résolu, ajoute [Résolu] au titre. Pour cela :
  • Clique, dans ton premier message, sur le bouton Editer .
  • Ajoute la mention [Résolu] devant le titre.
  • Clique ensuite sur Valider votre message.

    ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS